Explore top 10 tips to secure your open-source projects now. Read More
×
This update for mutt fixes the following issues: Security issues fixed: - CVE-2018-14352: Fix imap_quote_string in imap/util.c that does not leave room for quote characters (bsc#1101582). - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer underflow (bsc#1101581). - CVE-2018-14362: Fix pop.c that does not forbid characters that may have unsafe interaction with message-cache pathnames (bsc#1101567). - CVE-2018-14354: Fix arbitrary command execution from remote IMAP servers via backquote characters (bsc#1101578). - CVE-2018-14356: Fix pop.c that mishandles a zero-length UID (bsc#1101576). - CVE-2018-14355: Fix imap/util.c that mishandles ".." directory traversal in a mailbox name (bsc#1101577). - CVE-2018-14349: Fix imap/command.c that mishandles a NO response without
#1101567 #1101570 #1101571 #1101573 #1101576
#1101577 #1101578 #1101581 #1101582 #1101588
#1101589 #936807
Cross- CVE-2018-14349 CVE-2018-14350 CVE-2018-14352
CVE-2018-14353 CVE-2018-14354 CVE-2018-14355
CVE-2018-14356 CVE-2018-14357 CVE-2018-14358
CVE-2018-14359 CVE-2018-14362
Affected Products:
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-SP3-LTSS
SUSE Linux Enterprise Point of Sale 11-SP3
SUSE Linux Enterprise Debuginfo 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP3
https://www.suse.com/security/cve/CVE-2018-14349.html
https://www.suse.com/security/cve/CVE-2018-14350.html
https://www.suse.com/security/cve/CVE-2018-14352.html
https://www.suse.com/security/cve/CVE-2018-14353.html
Get the latest Linux and open source security news straight to your inbox.